Kwon, who is the fourth US-CERT director in five years, was frustrated by bureaucratic obstacles and a lack of authority to fulfill her mission, according to colleagues who spoke on the condition of anonymity. Her departure follows the resignation of the lead White House cybersecurity official, Melissa E. Hathaway, who said last week that she would step down.
I have also been hearing from a lot of people on both questions and there seems to be a growing consensus. One is almost unanimous respect and admiration for Hathaway, who led the Obama administration’s 60-day top-to-bottom review of the government’s cyber-security initiatives. (Find that report and other related links in the The DorobekInsider reader: Obama cyber policy review.) It was a monumental effort and they believe she carried it out extremely successfully.
Yet there is some concern in the cyber-security community that Hathway was not treated fairly by the White House. It was quietly reported last week that Hathaway was all-but escorted from her White House post last week. White House officials say her time at the White House had ended, but… if that’s the case and she had just announced her resignation… the White House could have followed her announcement with a notice giving her kudos for her tenure. Instead, even she was surprised to have been showed the door. Several people said it was, in part, Hathaway’s interview with the WP that may have hastened her White House departure.
“I wasn’t willing to continue to wait any longer, because I’m not empowered right now to continue to drive the change,” she said. “I’ve concluded that I can do more now from a different role,” most likely in the private sector.
Furthermore, she was widely considered one of the leading candidates for the cyber-czar job. The truth of that is unclear. Some have speculated that if she was going to get the job, President Obama would have announced it when he announced the creation of the cyber-security post.
The question is what is taking so long. The White House argues that they wanted to do a full review, but in the end, there are only a handful of people who are capable of this job. Davis has all but pulled his name from the list. Hathaway clearly has. But there are some who also feel that the job is simply not constructed correctly. The job was going to be difficult anyway, but the White House created a post that reports both to the National Security Council and the National Economic Council, and by reporting to two organizations, it creates inherent organizational tension.
More troublesome to me is the concern among some that the Obama White House is intolerant of dissent — you are either for them or against them, and if you are against them, you’re gone. It was a big issue with the Bush administration — it was the Emperor’s New Clothes syndrome. And several people expressed concern that the way Hataway has been treated is a eerie rememberence of those days. I think we’re doing a bit too much tea leaf reading, but… we’ll see.
Regardless, there in unanimous opinion that this post needs to be filled — and soon. I was talking to an influential CIO who stressed the importance of this position. There are important issues to confront, and this post can provide leadership — and management — on those issues, the CIO argued.
* Other Cyber-czar candidates… We hear the appointment was to have happened July 13, but could that be stepped up given recent events? GovInfoSecurity.com is hearing the same names that I’m hearing. I hear there are three names under serious consideration:
* Melissa Hathaway, who got high marks for leading the Obama cyber-security review * Fred Kramer, who served as the assistant defense secretary for international security affairs under President Clinton * Howard Schmidt, former Microsoft chief security advisor and former adviser to Bush on cyberspace security